Identity Assurance Frameworks Are Now Upon Us. But What Are They For?
Facebook X LinkedIn

Identity Assurance Frameworks Are Now Upon Us. But What Are They For?

Combined Session
Thursday, May 12, 2011 15:00—16:00
Location: Ammersee I

Identity Assurance Frameworks Are Now Upon Us. But What Are They For?

Identity assurance frameworks are now upon us, but what are they for? Put simply they were created to catalyze a new market for identity services on the Internet. An online marketplace where convenience is enhanced for the user, new revenue streams are created for identity providers, application usage is improved for relying parties, and trust, assurance, and privacy is increased for everyone.

Identity on the Internet continues on its unsustainable track. Users are overwhelmed by the need to both register and continuously prove their identity on the Internet, Web sites are burdened with expensive and highly redundant systems and processes needed to proof and authenticate users, and criminals are expanding their ability to take advantage of weak Internet identity systems to steal money and create havoc. While important identity federation technologies have been around for sometime – OpenID, SAML, Information Cards – and certainly show some traction and promise, the unsustainable march of identity on the Internet still continues. Why? How can we address the problem? Ultimately the problem is not one of technology, but one of trust and economics.

It remains clear that an important part of the ultimate solution will come from the use of federated identity on an Internet scale. Our ultimate solution needs to enable a situation where users have a relatively small number of places on the Internet where their identity is validated, but a very large number of sites where they can easily and securely go to transact both their personal and organizational business. What is needed is an open marketplace of identity services such that the three actors – Identity Providers, Service Providers, & Users – can be brought together for the benefit of all. Where users can get access to the services they want, securely, but also the economic incentives and levels of trust also exist such that this type of federated Internet collaboration can take place at massive scale.

Identity Assurance Frameworks, such as the one that was recently launched by the non-profit, Kantara Initiative, was created to help catalyze such a federated identity market. A more comprehensive description of the Kantara IAF can be found here. The purpose of my session is to describe more fully the problem area, what IAFs are, and how they are operated. It will touch on the enabling federation technologies, but not dwell on them. Also the session will delve into the market areas, both verticals and geographies, where IAFs are currently gaining the most traction and what we can learn from that. Finally I will conclude the session with recommendations on whether and how the audience and their respective organizations might be able to take part in these new identity services marketplaces.

Identity Assurance Frameworks Are Now Upon Us. But What Are They For?
Presentation deck
Identity Assurance Frameworks Are Now Upon Us. But What Are They For?
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Matthew Gardiner
Matthew Gardiner
Kantara Initiative
Matthew Gardiner is a Director working in the Security business unit at CA Technologies. He is a recognized industry leader in the security & Identity and Access Management (IAM) markets...

Trust Frameworks vs. Government eID Solutions

With an increase in online services, having a user friendly and safe national eID solution is becoming more and more important. Different approaches to provide this exist, and especially the role of government is very different between countries. In this panel experts from different European countries and the US will debate if a national eID should be provided by the government (e.g., German ePA, Dutch DigiD) or within a trust framework (e.g., Sweden BankID, Dutch eRecognition, US ICAM/OIX). A trust framework is a set of rules, including governance of these rules, for private parties to compete with each other to offer eID services. This panel will discuss privacy aspects, trust issues, business models and security issues.

Dirk Arendt
Dirk Arendt
OpenLimit SignCubes AG
Dirk Arendt was born in 1966 and is a German national. As Vice President, Business Development, he has been a member of the board of managment of the OpenLimit Group since January 2009. From...
Dr. Teodor Dumitrescu
Dr. Teodor Dumitrescu
Siemens IT Solutions and Services
Teodor Dumitrescu is in charge of the development of DirX, the identity and access management product suite of Siemens (http://www.siemens.com/iam). Teodor has been closely involved for more than...
Dr. Stephan Humer
Dr. Stephan Humer
UdK Berlin
Dr. Stephan Humer is Research Director/Adjunct Professor at the Berlin University of the Arts, one of the oldest and most renowned Universities in Germany. Several other involvements e.g. at the...
Colin Wallis
Colin Wallis
Internal Affairs Dept, New Zealand Government
Colin holds leadership positions across the consortium space in Information Security and Trusted Identity - particularly where policy, strategy and technology plays into cloud, big data, government...
Dr. Maarten Wegdam
Dr. Maarten Wegdam
InnoValor - ReadID
Dr. Maarten Wegdam is co-founder and the Managing Partner of InnoValor, and CEO of InnoValor Software. InnoValor Software’s flagship product is ReadID, a mobile identity verification software...
Subscribe for updates
Please provide your email address